Lucene search
PRIOn knowledge basePRION:CVE-2019-15796HistoryMar 26, 2020 - 1:15 p.m.
Design/Logic Flaw
2020-03-2613:15:00
PRIOn knowledge base
www.prio-n.com
3
Python-apt doesn’t check if hashes are signed in Version.fetch_binary() and Version.fetch_source() of apt/package.py or in _fetch_archives() of apt/cache.py in version 1.9.3ubuntu2 and earlier. This allows downloads from unsigned repositories which shouldn’t be allowed and has been fixed in verisions 1.9.5, 1.9.0ubuntu1.2, 1.6.5ubuntu0.1, 1.1.0~beta1ubuntu0.16.04.7, 0.9.3.5ubuntu3+esm2, and 0.8.3ubuntu7.5.
Related
osv
osv
python-apt Does Not Check Hash Signature
2022-05-24 17:12:47
python-apt - security update
2020-01-23 00:00:00
python-apt - security update
2020-01-23 00:00:00
debiancve
debiancve
CVE-2019-15796
2020-03-26 13:15:12
cvelist
cvelist
CVE-2019-15796 python-apt downloads from untrusted sources
2019-12-12 00:00:00
github
github
python-apt Does Not Check Hash Signature
2022-05-24 17:12:47
cve
cve
CVE-2019-15796
2020-03-26 13:15:12
nvd
nvd
CVE-2019-15796
2020-03-26 13:15:12
ubuntucve
ubuntucve
CVE-2019-15796
2020-01-20 00:00:00
nessus
nessus
Ubuntu 16.04 LTS / 18.04 LTS : python-apt regression (USN-4247-2)
2020-01-23 00:00:00
Debian DSA-4609-1 : python-apt - security update
2020-01-27 00:00:00
Debian DLA-2074-1 : python-apt security update
2020-01-24 00:00:00
ubuntu
ubuntu
python-apt vulnerabilities
2020-01-23 00:00:00
python-apt vulnerabilities
2020-01-22 00:00:00
python-apt regression
2020-01-22 00:00:00
cloudfoundry
cloudfoundry
USN-4247-2: python-apt regression | Cloud Foundry
2020-02-12 00:00:00
USN-4247-1: python-apt vulnerabilities | Cloud Foundry
2020-02-12 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-2074-1)
2020-01-24 00:00:00
Ubuntu: Security Advisory (USN-4247-2)
2020-01-23 00:00:00
Ubuntu: Security Advisory (USN-4247-3)
2022-08-26 00:00:00
debian
debian
[SECURITY] [DSA 4609-1] python-apt security update
2020-01-23 22:03:59
[SECURITY] [DLA 2074-1] python-apt security update
2020-01-23 21:03:46